Tag Archives: programmer

MySQL 5.7 Reference Manual


Nowadays, MySQL is the most popular database system used with PHP among developers. PHP combined with MySQL is cross-platform: you can develop on Windows and serve on a Unix platform. A MySQL database stores its data in tables. A table is a collection of related data and consists of columns and rows. Databases are useful for storing information categorically. MySQL is an open source relational database management system (RDBMS). So, whether you are a mobile or web developer, it is never too late to learn more about MySQL 5.7. Here are the details, so don’t hesitate to check them out!

MySQL supports full-text indexing and searching, as follows:

  • A full-text index in MySQL is an index of type FULLTEXT.
  • Full-text indexes can be used only with InnoDB or MyISAM tables, and can be created only for CHAR, VARCHAR, or TEXT columns.
  • As of MySQL 5.7.6, MySQL provides a built-in full-text ngram parser that supports Chinese, Japanese, and Korean (CJK), and an installable MeCab full-text parser plugin for Japanese. Parsing differences are outlined in Section 13.9.8, “ngram Full-Text Parser”, and Section 13.9.9, “MeCab Full-Text Parser Plugin”.
  • A FULLTEXT index definition can be given in the CREATE TABLE statement when a table is created, or added later using ALTER TABLE or CREATE INDEX.
  • For large data sets, it is much faster to load the data into a table that has no FULLTEXT index and then create the index than to load data into a table that has an existing FULLTEXT index.

Full-text searching is performed using MATCH() … AGAINST syntax. MATCH() takes a comma-separated list that names the columns to be searched. AGAINST takes a string to search for and an optional modifier that indicates what type of search to perform. The search string must be a string value that is constant during query evaluation. This rules out, for example, a table column because that can differ for each row.

There are three types of full-text searches:

  • A natural language search interprets the search string as a phrase in natural human language. There are no special operators. The stop word list applies. Full-text searches are natural language searches if the IN NATURAL LANGUAGE MODE modifier is given or if no modifier is given.
  • A Boolean search interprets the search string using the rules of a special query language. The string contains the words to search for. It can also contain operators that specify requirements such that a word must be present or absent in matching rows, or that it should be weighted higher or lower than usual. Certain common words are omitted from the search index and do not match if present in the search string. The IN BOOLEAN MODE modifier specifies a Boolean search.
  • A query expansion search is a modification of a natural language search. The search string is used to perform a natural language search. Then words from the most relevant rows returned by the search are added to the search string and the search is done again. The query returns the rows from the second search.
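The MATCH() … AGAINST syntax and the three search types above, as an added example that is not part of the original post: a query builder that passes the search string as a bound value and restricts the column list to an allowlist. The table name, column names, function name and the "?" placeholder style (as used by common Node.js MySQL drivers) are assumptions for illustration.

```javascript
// Added example: builds a parameterised MATCH() ... AGAINST query.
// Table, column and function names are hypothetical.
const MODES = {
  natural: 'IN NATURAL LANGUAGE MODE',
  boolean: 'IN BOOLEAN MODE',
  expansion: 'WITH QUERY EXPANSION',
};

// Identifiers cannot be bound as parameters, so requested columns are
// checked against an allowlist of the columns in the FULLTEXT index.
const FULLTEXT_COLUMNS = new Set(['title', 'body']);

function buildFulltextQuery(columns, searchString, mode = 'natural') {
  if (!Object.prototype.hasOwnProperty.call(MODES, mode)) {
    throw new Error('unknown search mode: ' + mode);
  }
  if (columns.length === 0 || !columns.every((c) => FULLTEXT_COLUMNS.has(c))) {
    throw new Error('column not covered by the FULLTEXT index');
  }
  const match = 'MATCH(' + columns.map((c) => '`' + c + '`').join(', ') + ')';
  const against = 'AGAINST(? ' + MODES[mode] + ')';
  return {
    // The search string travels as a bound value (the "?" placeholder),
    // so it stays a constant string for the whole query evaluation and
    // is never spliced into the SQL text.
    sql: 'SELECT id, title FROM articles WHERE ' + match + ' ' + against,
    params: [String(searchString)],
  };
}

// Constructed sample input: a Boolean-mode search typed by a user.
const booleanQuery = buildFulltextQuery(['title', 'body'], '+mysql -oracle', 'boolean');
console.log(booleanQuery.sql, booleanQuery.params);
```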

Introduction to Cross-Site Scripting (XSS) Vulnerability & How to Prevent It

As a web developer, you may know XSS as Cross-site Scripting. It is a way of bypassing the same-origin policy (SOP). Whenever HTML code is generated dynamically and user input is reflected on the page without being sanitized, an attacker can insert his own HTML code. In this case, the web browser will still render the injected code, since it treats it as belonging to the website where it is injected.

The attacker can then inject JavaScript code, which runs in the site’s context. In this way, the attacker can access other pages on the same domain and read data such as CSRF tokens or the cookies that have been set.

The cookies typically contain session identifier information, so the attacker can use them in his own browser to log in to the web application as the victim. Another way is to read private information from the pages, such as CSRF tokens, and make requests on behalf of the user.

Impacts of the Cross-site Scripting Vulnerability

An exploited XSS vulnerability can have many impacts. They range from session hijacking to the disclosure of sensitive data, CSRF attacks and more. By exploiting a cross-site scripting vulnerability, the attacker can impersonate the victim and take over the account. It might even lead to code execution on the server if the victim has administrative rights, but that depends on the application and the privileges of the account. To learn how an XSS vulnerability was used in a successful attack, read about the apache.org JIRA incident.

Preventing XSS Vulnerabilities

The most important thing in preventing cross-site scripting vulnerabilities is to apply context-dependent output encoding. In some cases it might be enough to encode the HTML special characters, such as opening and closing tags. In other cases, correctly applied URL encoding is necessary.

The XSS filter built into even the most modern web browsers should not be seen as an alternative to sanitization. These filters cannot catch all kinds of cross-site scripting attacks, and they can prevent some pages from loading correctly. Since the idea is to minimize the impact of existing vulnerabilities, a web browser’s XSS filter should only be a “second line of defense”.
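Context-dependent output encoding as described above, in an added example that is not part of the original post: the same reflected input rendered without encoding and with encoding matched to each context (HTML text, quoted attribute, URL query parameter). The function names, the example.test URL and the sample input are constructed for illustration.

```javascript
// Added example: context-dependent output encoding for reflected input.
// All names and the sample input are constructed for illustration.

// HTML text and quoted-attribute context: encode the characters that can
// open a tag, start an entity, or close a quoted attribute value.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// URL context: percent-encode the value as a query parameter. Encoding
// does not make a hostile scheme safe, so only http(s) bases are accepted.
function buildLink(base, paramName, value) {
  const url = new URL(base);
  if (url.protocol !== 'https:' && url.protocol !== 'http:') {
    throw new Error('unsupported URL scheme: ' + url.protocol);
  }
  url.searchParams.set(paramName, value);
  return url.toString();
}

// Vulnerable: user input concatenated straight into generated HTML, so the
// browser parses it as markup belonging to the site.
function renderUnsafe(query) {
  return '<p>Results for ' + query + '</p>';
}

// Hardened: each insertion is encoded for the context it lands in. The
// link is URL-encoded first, then HTML-encoded for the attribute value.
function renderSafe(query) {
  const href = buildLink('https://example.test/search', 'q', query);
  return '<p>Results for ' + encodeHtml(query) + '</p>' +
         '<a href="' + encodeHtml(href) + '">permalink</a>';
}

// Constructed sample input: markup typed into a search box.
const sample = '"><script>alert(1)</script>';
console.log(renderUnsafe(sample)); // markup survives intact
console.log(renderSafe(sample));   // markup is shown as inert text
```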

A Comparison of jQuery VS AngularJS

Most web developers are familiar with jQuery, but not many are familiar with AngularJS. However, with the rise of Angular, it is important to know the differences between the two. For example, you might want to know when to use jQuery or AngularJS. How do you avoid the common mistake of using AngularJS in jQuery fashion? Can we use jQuery inside or with AngularJS? You can find all of the answers here.

Definition of jQuery

jQuery is a lightweight and feature-rich JavaScript library. It helps web developers simplify client-side scripting for web applications through JavaScript. It greatly simplifies using JavaScript on a website, and it is lightweight as well as fast.

So, in general jQuery will enable you to:

  • Easily manipulate the contents of a webpage
  • Apply styles to make the UI more attractive
  • Traverse the DOM easily
  • Add effects and animation
  • Make AJAX calls simply
  • Use utilities and much more

As jQuery is a JavaScript library, you can use it to fulfill one or many of the features it provides in your application, partially or fully. For example, you can make AJAX-based calls, or you can add some effects and animations, simply by using the jQuery library. It works like a plugin.

Definition of AngularJS

AngularJS is one among many Google products. It is also an open source MVC-based framework which many people consider the best framework of its generation. So, if you want a great tool for building highly rich client-side web applications, Angular is the best option. In fact, it is not only a JavaScript library, but also a well-designed framework. This framework leads us to follow some rules and a structured approach.

Compared to jQuery, AngularJS offers more features, such as follows:

  • Two-Way data binding
  • REST friendly
  • MVC-based pattern
  • Deep Linking
  • Template
  • Form Validation
  • Dependency Injection
  • Localization
  • Full Testing Environment
  • Server Communication

When to Use jQuery or AngularJS?

Many people think that AngularJS and jQuery offer the same value as technologies, but AngularJS is actually more suitable for web application development, as it can work on HTML code and JSON data. It works well for developing interactive and robust applications, but using it for simple website development produces slow-loading and quite erratic websites.

On the other hand, jQuery is a fast and feature-rich library. Moreover, it has built-in features such as HTML document traversal, event handling, manipulation, animation, Ajax support and others. These features make it easier to develop hardcore websites. Therefore, before using either of these highly intuitive and robust tools, it is necessary to settle on a sound approach dedicated either to advanced web application development or to website development.

Don’t Use AngularJS in jQuery Fashion

If you love to use a huge number of plugins, jQuery is the easier framework to use. With AngularJS, however, you will experience a totally different structure, which makes it more difficult to find plugins or to create one. AngularJS does have jqLite, which provides jQuery functionality, so it can be used to develop different plugins as a website needs, but it is not good for developing or patching the code of old plugins and embedding them in the website.

Code Comparison

From a developer's perspective, the code comparison is as follows:

jQuery Code

<div id="tabs">
    <ul>
        <li><a href="#tabs-1">Tab 1</a></li>
        <li><a href="#tabs-2">Tab 2</a></li>
        <li><a href="#tabs-3">Tab 3</a></li>
    </ul>
    <div id="tabs-1">
        …
    </div>
    <div id="tabs-2">
        …
    </div>
    <div id="tabs-3">
        …
    </div>
</div>

$("#tabs").tabs();

AngularJS Code

<tabs>
    <tab title="Tab 1">
        …
    </tab>
    <tab title="Tab 2">
        …
    </tab>
    <tab title="Tab 3">
        …
    </tab>
</tabs>

 

Can We Use jQuery inside or With AngularJS?

In certain scenarios, we may want our AngularJS application to use the jQuery library. AngularJS can use jQuery if it is present in our application when the application is being bootstrapped. Otherwise, Angular will use its own implementation of a subset of jQuery, the jqLite that we discussed above.

Conclusion

AngularJS and jQuery are actually two technologies that are meant for different targets. jQuery is best suited for DOM manipulation, while AngularJS is suited for web application development.